package com.up.upzl.base.config;

import java.util.Set;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;

import com.google.common.collect.ImmutableSet;
import com.up.upzl.biz.bean.SysAccountInSession;
import com.up.upzl.biz.common.Constant;

/**
 * WebMVC配置
 * 
 * @author geeks
 *
 */
@Configuration
public class WebMVCConfig extends WebMvcConfigurerAdapter {

	/**
	 * 忽略验证的路由
	 */
	private Set<String> ignorePath = ImmutableSet.of("/error", "/index", "/error/403.html", "/login.html", "/login",
			"/dologin", "/logout", "/baiduMap/locate","/area/findArea", "/area/findCity", "/shopBusinessType/findParent", "/shopBusinessType/findSon", "/businessArea/getByAreaId");

	/**
	 * 权限拦截验证
	 */
	@Override
	public void addInterceptors(InterceptorRegistry registry) {
		  
		super.addInterceptors(registry);
		registry.addInterceptor(new HandlerInterceptor() {

			@Override
			public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
					throws Exception {
				String requestURI = request.getRequestURI();
				if (requestURI.endsWith("/")) {
					requestURI = requestURI.substring(0, requestURI.length() - 1);
				}
				if (!ignorePath.contains(requestURI)) {
					SysAccountInSession userInSession = (SysAccountInSession) request.getSession()
							.getAttribute(Constant.USER_IN_SESSION_KEY);
					if (userInSession == null) {
						Boolean isAjax = "XMLHttpRequest".equals(request.getHeader("x-requested-with"));
						if (isAjax) {
							response.setHeader("content-type", "application/json;charset=UTF-8");
							response.getWriter().print("{\"Type\" : 401}");
							return false;
						} else {
							response.sendRedirect("/login.html");
							return false;
						}
					} else {
						if (userInSession.getAppActions().contains(requestURI) || "/index.html".equals(requestURI)) {
							return true;
						} else {
							//Boolean isAjax = "XMLHttpRequest".equals(request.getHeader("x-requested-with"));
						//	if (isAjax) {
							//	response.setHeader("content-type", "application/json;charset=UTF-8");
						//	response.getWriter().print("{\"Type\" : 403}");
//								return false;
						//	} else {
								//response.sendRedirect("/error/403.html");
						//	}
						//	return false;
						}
					}
				}
				return true;
			}

			@Override
			public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,
					ModelAndView modelAndView) throws Exception {
				// TODO Auto-generated method stub
				 response.setHeader("X-Frame-Options", "SAMEORIGIN");
          
			}

			@Override
			public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler,
					Exception ex) throws Exception {
				// TODO Auto-generated method stub
				 response.setHeader("X-Frame-Options", "SAMEORIGIN");
			}
		});
	}

}
